CN113569302A - Terminal trusted control module, control method and device and electronic equipment - Google Patents


Info

Publication number: CN113569302A
Authority: CN (China)
Legal status: Pending
Application number: CN202110859312.8A
Other languages: Chinese (zh)
Inventors: 王志皓, 赵保华, 陈连栋, 祝金会, 孙辰军
Current assignees: State Grid Corp of China SGCC; State Grid Hebei Electric Power Co Ltd; Global Energy Interconnection Research Institute; Information and Telecommunication Branch of State Grid Hebei Electric Power Co Ltd
Original assignees: State Grid Corp of China SGCC; State Grid Hebei Electric Power Co Ltd; Global Energy Interconnection Research Institute; Information and Telecommunication Branch of State Grid Hebei Electric Power Co Ltd
Application filed by: State Grid Corp of China SGCC, State Grid Hebei Electric Power Co Ltd, Global Energy Interconnection Research Institute, Information and Telecommunication Branch of State Grid Hebei Electric Power Co Ltd
Priority application: CN202110859312.8A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/445 Program loading or initiating
    • G06F9/44505 Configuring for program initiating, e.g. using registry, configuration files


Abstract

The invention discloses a terminal trusted control module, a control method, a control device and electronic equipment. In the method, the terminal can access either a first storage chip or a second storage chip through a switching module. When the trusted control chip routes the terminal to the first storage chip through the switching module, the terminal is prevented from accessing the second storage chip, so that the trusted data stored in the second storage chip cannot be modified by external hardware and its security is guaranteed. Meanwhile, the boot program of the terminal is obtained by switching between the first storage chip and the second storage chip, which avoids the trusted data information becoming unsafe because the boot program data has been damaged from outside.

Description

Terminal trusted control module, control method and device and electronic equipment
Technical Field
The invention relates to the technical field of information security, in particular to a terminal trusted control module, a control method and a control device and electronic equipment.
Background
With the development and progress of science and technology, the world has entered the digital age. Information is now stored, processed and propagated at great speed by computer technology. The main idea of trusted computing is to introduce a security chip on the hardware platform to improve the security of a terminal device.
At present, because the storage capacity of the trusted control chip is limited, if all the boot program data for booting the terminal, the backup data thereof, the switch data, etc. are stored in the trusted control chip, obviously, the data is easily damaged from the outside, and the security of the trusted data information is affected.
Disclosure of Invention
Therefore, the technical problem to be solved by the present invention is to overcome the defects that the storage capacity of the trusted control chip in the prior art is limited, and if all the boot data for booting the terminal are stored in the trusted control chip, the data is easily damaged from the outside, and the security of the trusted data information is affected, so as to provide a terminal trusted control module, a control method, an apparatus, and an electronic device.
According to a first aspect, an embodiment of the present invention provides a terminal trusted control module, which is arranged on the terminal and comprises a trusted control chip, a switching module, a first storage chip and a second storage chip, each arranged on a control panel of the terminal;
the trusted control chip is connected with a central processing chip of a terminal arranged on the control panel, and is used for storing a reference credibility value, a data size value and a storage position of a starting program of the terminal and executing switching operation among the central processing chip of the terminal, the first storage chip and the second storage chip through a switching module;
the first storage chip is connected with the trusted control chip through the switching module and is used for storing a starting program for starting the terminal;
and the second storage chip is connected with the trusted control chip through the switching module and is used for backing up the starting program of the terminal.
In one embodiment, the terminal trusted control module further includes: and the first communication interface, the second communication interface, the third communication interface and the fourth communication interface are respectively connected with the switching module.
In one embodiment, in the terminal trusted control module, the first communication interface is connected to the central processing chip of the terminal, the second communication interface is connected to the trusted control chip, the third communication interface is connected to the first storage chip, and the fourth communication interface is connected to the second storage chip.
According to a second aspect, an embodiment of the present invention provides a method for controlling a terminal trusted control module, which is used for the terminal trusted control module described in the first aspect or any implementation manner of the first aspect, and includes the following steps:
responding to the power-on of a central processing chip of a terminal, and controlling the central processing chip to execute reset operation;
controlling the switching module to switch to a first storage chip and reading a starting program of the terminal stored by the first storage chip;
identifying a current reliability value of a starting program of a terminal according to a reference reliability value of the starting program of the terminal;
and controlling the switching module to execute switching operation among a central processing chip, the first storage chip and the second storage chip of the terminal according to the identification result of the current credibility value.
In one embodiment, the step of controlling the switching module to perform a switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the recognition result of the current reliability value further includes:
if the current reliability value is larger than or equal to the reference reliability value, controlling the switching module to switch to a central processing chip and controlling the terminal to stop resetting operation;
and controlling the terminal to execute the starting operation by using the starting program read from the first storage chip.
In one embodiment, the step of controlling the switching module to perform a switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the recognition result of the current reliability value further includes:
if the current reliability value is smaller than the reference reliability value, controlling the switching module to switch from the first storage chip to a second storage chip;
reading the starting program backed up by the second storage chip and controlling the terminal to stop the reset operation;
and controlling the terminal to execute the starting operation by using the starting program read from the second storage chip.
In one embodiment, the step of controlling the switching module to switch to the first memory chip and controlling the terminal to stop the reset operation if the current reliability value is greater than or equal to the reference reliability value further includes:
and if the current reliability value is greater than or equal to the reference reliability value, controlling the switching module to switch to the first storage chip through the third communication interface, and controlling the terminal to stop the reset operation through the first communication interface.
In one embodiment, the step of controlling the switching module to switch from the first memory chip to the second memory chip if the current reliability is smaller than the reference reliability value further includes:
and controlling the switching module to disconnect the third communication interface and switch from the first storage chip to the second storage chip through the fourth communication interface.
According to a third aspect, an embodiment of the present invention provides a device for controlling a terminal trusted control module, which is used for the terminal trusted control module described in the first aspect or any implementation manner of the first aspect, and includes the following modules:
the reset control module is used for responding to the power-on of a central processing chip of the terminal and controlling the central processing chip to execute a reset operation;
the control reading module is used for controlling the switching module to switch to the first storage chip and reading the stored starting program of the terminal;
the reliability identification module is used for identifying the current reliability value of the starting program of the terminal according to the reference reliability value of the starting program of the terminal;
and the switching control module is used for controlling the switching module to execute switching operation among the central processing chip, the first storage chip and the second storage chip of the terminal according to the identification result of the current credibility value.
According to a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, where computer instructions are stored, and the computer instructions are configured to cause the computer to execute the terminal trusted control module control method described in the second aspect or any implementation manner of the second aspect.
According to a fifth aspect, an embodiment of the present invention provides an electronic device, including: the terminal trusted control module, the memory and the processor are communicatively connected to each other, the memory stores computer instructions, and the processor executes the computer instructions to execute the method for controlling the terminal trusted control module according to the second aspect or any of the embodiments of the second aspect.
The technical scheme of the invention has the following advantages:
the embodiment of the invention discloses a terminal trusted control module, a control method, a control device and electronic equipment. In the method, the terminal can access either a first memory chip or a second memory chip through a switching module. When the trusted control chip routes the terminal to the first storage chip through the switching module, the terminal is prevented from accessing the second storage chip, so that the trusted data stored in the second storage chip cannot be modified by external hardware and its security is guaranteed. Meanwhile, the boot program of the terminal is obtained by switching between the first storage chip and the second storage chip, which avoids the trusted data information becoming unsafe because the boot program data has been damaged from outside.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a block diagram of a trusted control module of a terminal in an embodiment of the present invention;
fig. 2 is a flowchart of a control method of a terminal trusted control module according to an embodiment of the present invention;
fig. 3 is a block diagram of a terminal trusted control module control apparatus according to an embodiment of the present invention;
fig. 4 is a hardware diagram of an electronic device according to an embodiment of the present invention.
Reference numerals:
11-a control panel; 110-a trusted control chip; 111-a switching module;
112-a first memory chip; 113-a second memory chip; 114-a first communication interface;
115-a second communication interface; 116-a third communication interface; 117-fourth communication interface;
12-central processing chip.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; the two elements may be directly connected or indirectly connected through an intermediate medium, or may be communicated with each other inside the two elements, or may be wirelessly connected or wired connected. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Trusted computing that takes the trusted control chip as its root of trust uses components such as cryptographic technology, a root-of-trust chip and trusted basic software to build a brand-new trusted computing architecture: a trusted computing subsystem that is logically independent of the conventional system forms a trusted immune architecture, and each trusted node is connected into a complete trusted system. This lays a firm foundation for autonomous and controllable network security in modern information systems such as computer applications, industrial control systems, cloud computing, the internet of things, big data and mobile intelligent networks.
In the related art, the storage capacity of the trusted control chip is limited, and if all the boot program data for booting the terminal, the backup data thereof, the switch data, and the like are stored in the trusted control chip, it is obvious that the data is easily damaged from the outside, and the security of the trusted data information is affected.
In view of this, an embodiment of the present invention discloses a terminal trusted control module which, as shown in fig. 1, comprises a trusted control chip 110, a switching module 111, a first memory chip 112 and a second memory chip 113, each arranged on a control panel 11 of the terminal.
The trusted control chip 110 is connected to the central processing chip 12 of the terminal disposed on the control panel 11, and the trusted control chip 110 is configured to store a reference confidence value, a data size value, and a storage location of a start program of the terminal. For example: the control panel 11 may be a PCB circuit board and the central processing chip 12 may be a CPU chip. The trusted control chip 110 is used for performing a switching operation among the central processing chip 12, the first memory chip 112 and the second memory chip 113 of the terminal through the switching module 111.
Specifically, in fig. 1, the central processing chip 12 may be connected to the trusted control chip 110 through a first communication interface 114, where the first communication interface 114 may be the terminal's Flash communication interface or an SPI communication interface. The reference reliability value, the data size value and the storage location of the terminal's boot program are mainly kept in the on-chip Flash of the trusted control chip 110. The trusted control chip 110 may also store some trusted switching signals, and it may control the switching module 111 to perform the switching function according to a trusted switching signal stored therein. That is, the switching module 111 is controlled by the trusted control chip 110, and the central processing chip 12, the first memory chip 112 and the second memory chip 113 are switched through the switching module 111, so that the terminal can access one Flash, either the first memory chip 112 or the second memory chip 113. In fig. 1, the first communication interface 114, the second communication interface 115, the third communication interface 116 and the fourth communication interface 117 may be SPI communication interfaces. For example, when the trusted control chip 110 controls the switching module 111 to switch to the first memory chip 112 through the third communication interface 116, the fourth communication interface 117 is disconnected from the second memory chip 113; when the trusted control chip 110 controls the switching module 111 to switch to the second memory chip 113 through the fourth communication interface 117, the third communication interface 116 is disconnected from the first memory chip 112. The switching module 111 described above may be a switch.
The first memory chip 112 is connected to the trusted control chip 110 through the switching module 111, and is configured to store a boot program for booting the terminal. Specifically, in fig. 1, the first memory chip 112 may be connected with the switching module 111 through the third communication interface 116. The starting procedure here mainly includes: a motherboard program and a kernel program. The first memory chip 112 may be an SPI NOR Flash chip for storing a start-up program of the terminal.
The second storage chip 113 is connected to the trusted control chip 110 through the switching module 111 and is used for backing up the boot program of the terminal. Specifically, in fig. 1, the second memory chip 113 may be connected to the switching module 111 through the fourth communication interface 117. Because the boot program is backed up there, if the boot program in the first memory chip 112 has been changed, the switching module can switch to the second memory chip 113 through the fourth communication interface 117. The second memory chip 113 may be an SPI NAND Flash, which has a large memory capacity; it is mainly used for storing the backup of the terminal's boot program, and may also store some program image data, confidence metric values and the like.
In the terminal trusted control module of this embodiment, the terminal can access either the first memory chip 112 or the second memory chip 113 through the switching module 111. When the trusted control chip 110 routes the terminal to the first memory chip 112 through the switching module 111, the terminal cannot access the second memory chip 113, so trusted data stored in the second memory chip 113 is prevented from being modified by external hardware and its security is guaranteed. By contrast, if all the data held by the first memory chip 112 and the second memory chip 113 were stored in the trusted control chip 110 with its limited capacity, the data would be easily damaged from outside, affecting the security of the trusted data information.
Based on the same concept, an embodiment of the present invention further provides a method for controlling a terminal trusted control module, which is used for the terminal trusted control module in the foregoing embodiment, and as shown in fig. 2, the method includes the following steps:
step S21: and controlling the central processing chip to execute reset operation in response to the power-on of the central processing chip of the terminal.
Since in fig. 1 the trusted control chip is connected to the central processing chip of the terminal through the first communication interface, the trusted control chip is triggered when the terminal is powered on and controls the CPU to execute a reset operation; that is, the CPU is held in reset at this point.
Step S22: and controlling the switching module to switch to the first storage chip and read the stored starting program of the terminal.
In fig. 1, the switching module is connected to the first memory chip through the third communication interface, and the trusted control chip switches to the first memory chip through the third communication interface to read the boot program stored there. At this time, by the operating principle of the switching module, while the first memory chip and the switching module are connected through the third communication interface, the fourth communication interface and the second memory chip are disconnected, so the terminal cannot access the second memory chip through the first communication interface, and the security of the data stored in the second memory chip is ensured.
Step S23: and identifying the current reliability value of the starting program of the terminal according to the reference reliability value of the starting program of the terminal.
The reference reliability value here corresponds to a reference value that measures the current reliability value of the boot program. If the current credibility value is greater than or equal to the reference credibility value, the current credibility of the starting program of the terminal reaches the safety standard, otherwise, if the current credibility value is less than the reference credibility value, the current credibility of the starting program of the terminal does not reach the safety standard.
Step S24: and controlling a switching module to execute switching operation among a central processing chip, a first storage chip and a second storage chip of the terminal according to the identification result of the current credibility value.
In an embodiment, the step S24 of controlling the switching module to perform the switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the identification result of the current reliability value further includes the following steps:
firstly: and if the current reliability value is greater than or equal to the reference reliability value, the control switching module is switched to the central processing chip and the control terminal to stop the reset operation.
Specifically, the trusted control chip may control the switching module to switch from the first storage chip to the central processing chip, and control the terminal to stop the reset operation through the first communication interface. In fig. 1, the switching module is connected to the central processing chip of the terminal through a first communication interface, and the switching module is connected to the first memory chip through a third communication interface. Namely, when the current credibility value of the starting program of the terminal reaches the safety standard, the third communication interface and the fourth communication interface can be disconnected, the switching module is ensured to be connected with the central control chip through the first communication interface, and the control of the terminal to stop the reset operation by the credible control chip can be realized.
Then: and controlling the terminal to execute the starting operation by using the starting program read from the first storage chip.
At this time, the boot program of the first memory chip reaches the safety standard, which means that the boot program is not modified by the external environment, and therefore, the terminal can be controlled to perform a normal boot operation by using the boot program read from the first memory chip.
In another embodiment, the step S24 of controlling the switching module to perform the switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the recognition result of the current reliability value further includes the steps of:
firstly: and if the current reliability is smaller than the reference reliability value, controlling the switching module to switch from the first storage chip to the second storage chip.
Specifically, the trusted control chip may control the switching module to switch from the first storage chip to the second storage chip, and the switching module establishes a communication connection with the second storage chip through the fourth communication interface. At this time, the third communication interface is disconnected from the first memory chip to prevent the terminal from accessing the data information stored in the second memory chip. That is, when the current credibility value of the start-up program of the terminal does not reach the safety standard, which means that the data information stored in the first memory chip has been changed, the third communication interface can be disconnected.
Then: and reading the starting program of the second storage chip backup and controlling the terminal to stop the reset operation.
The terminal must also be controlled to stop the reset operation when the boot program stored in the second memory chip is read.
And finally: and controlling the terminal to execute the starting operation by using the starting program read from the second storage chip.
The boot program read from the first storage chip is the one backed up in the second storage chip; when the boot program in the first storage chip has been modified or damaged by the external environment, the boot program read from the second storage chip serves as the backup, so that the terminal can still perform a normal startup when the boot program has been accidentally damaged.
According to the terminal trusted control module control method of this embodiment, the terminal can access either the first memory chip or the second memory chip through the switching module. When the trusted control chip routes the terminal to the first storage chip through the switching module, the terminal cannot access the second storage chip, so that the trusted data stored in the second storage chip is prevented from being modified by external hardware and its security is guaranteed. Meanwhile, the boot program of the terminal is obtained by switching between the first storage chip and the second storage chip, which avoids the trusted data information becoming unsafe because the boot program data has been damaged from outside.
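The control flow of steps S21 to S24 above, as an added simulation in C that is not part of the patent and not the applicants' code. It assumes a constructed boot image and flash layout, and uses an FNV-1a digest as a stand-in for the credibility measurement, which the text does not specify; the credibility value is taken to be 1 when the digest matches the stored reference and 0 otherwise.

```c
/* Simulation of steps S21-S24 as run by trusted control chip 110.
 * Constructed example; FNV-1a stands in for whatever measurement the
 * real chip uses, which the patent text does not name. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define FLASH_SIZE  128u   /* constructed: bytes per simulated flash chip */
#define BOOT_OFFSET 16u    /* "storage position" kept in the trusted chip */
#define BOOT_SIZE   64u    /* "data size value" kept in the trusted chip */

/* Switching module 111 routes exactly one interface at a time, so routing
 * to the first chip (interface 116) leaves the second (117) disconnected. */
enum mux_target { MUX_NONE, MUX_CPU, MUX_FLASH1, MUX_FLASH2 };

struct terminal {
    uint8_t flash1[FLASH_SIZE];   /* first memory chip 112: boot program */
    uint8_t flash2[FLASH_SIZE];   /* second memory chip 113: backup copy */
    enum mux_target mux;          /* state of switching module 111 */
    int cpu_in_reset;             /* CPU 12 held in reset via interface 114 */
    uint32_t reference_digest;    /* kept in the trusted chip's on-chip Flash */
};

/* Placeholder measurement (assumption): a digest of the boot region. */
static uint32_t fnv1a(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* The CPU reaches a chip only while the switching module is routed to it. */
int cpu_can_access(const struct terminal *t, enum mux_target which) {
    return t->mux == which;
}

/* Read the boot region (offset and size come from the trusted chip) from
 * whichever chip is routed; returns 0 when no chip is routed. */
static int read_boot(const struct terminal *t, uint8_t *out) {
    const uint8_t *src = t->mux == MUX_FLASH1 ? t->flash1
                       : t->mux == MUX_FLASH2 ? t->flash2 : NULL;
    if (!src) return 0;
    memcpy(out, src + BOOT_OFFSET, BOOT_SIZE);
    return 1;
}

/* Step S23 (assumption): current credibility value is 1 when the measured
 * digest equals the stored reference and 0 otherwise; the reference
 * credibility value is 1, so ">=" means "the image is unmodified". */
static int credibility(const struct terminal *t, const uint8_t *boot) {
    return fnv1a(boot, BOOT_SIZE) == t->reference_digest ? 1 : 0;
}

/* Steps S21-S24; returns the chip the terminal was started from. */
enum mux_target tcc_boot(struct terminal *t) {
    uint8_t boot[BOOT_SIZE];
    const int reference_credibility = 1;

    t->cpu_in_reset = 1;            /* S21: hold the CPU in reset */
    t->mux = MUX_FLASH1;            /* S22: route to chip 1 and read it */
    (void)read_boot(t, boot);
    if (credibility(t, boot) >= reference_credibility) {
        t->mux = MUX_CPU;           /* S24a: hand the bus to the CPU */
        t->cpu_in_reset = 0;        /* release reset, boot from chip 1 */
        return MUX_FLASH1;
    }
    t->mux = MUX_FLASH2;            /* S24b: chip 1 failed, use the backup */
    (void)read_boot(t, boot);
    t->cpu_in_reset = 0;            /* release reset, boot from chip 2 */
    return MUX_FLASH2;
}

/* Provision both chips with one constructed boot image and record the
 * reference digest, as would be done when the terminal is manufactured. */
void terminal_init(struct terminal *t) {
    memset(t, 0, sizeof *t);        /* also leaves mux at MUX_NONE */
    for (size_t i = 0; i < BOOT_SIZE; i++)
        t->flash1[BOOT_OFFSET + i] = (uint8_t)(0xA5 ^ i);
    memcpy(t->flash2, t->flash1, FLASH_SIZE);
    t->reference_digest = fnv1a(t->flash1 + BOOT_OFFSET, BOOT_SIZE);
}

/* Scenario helpers returning 1 when the expected behaviour is observed. */
int run_intact_boot(void) {
    struct terminal t; terminal_init(&t);
    return tcc_boot(&t) == MUX_FLASH1 && !t.cpu_in_reset && t.mux == MUX_CPU;
}
int run_corrupted_boot(void) {
    struct terminal t; terminal_init(&t);
    t.flash1[BOOT_OFFSET + 5] ^= 0x01;   /* one damaged byte in chip 1 */
    return tcc_boot(&t) == MUX_FLASH2 && !t.cpu_in_reset && t.mux == MUX_FLASH2;
}
int exclusive_access_holds(void) {
    struct terminal t; terminal_init(&t);
    t.mux = MUX_FLASH1;   /* while chip 1 is routed, chip 2 is unreachable */
    return cpu_can_access(&t, MUX_FLASH1) && !cpu_can_access(&t, MUX_FLASH2);
}
```

The corrupted case shows the fallback path of S24: a single changed byte in the first chip drops the credibility value below the reference, and the terminal is released from reset only after the switching module has been routed to the backup chip.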
Based on the same concept, an embodiment of the present invention further provides a device for controlling a terminal trusted control module, which is used for the terminal trusted control module in the foregoing embodiment, and as shown in fig. 3, includes the following modules:
and the reset control module 31 is configured to control the central processing chip to perform a reset operation in response to the central processing chip of the terminal being powered on.
And the control reading module 32 is used for controlling the switching module to switch to the first storage chip and reading the stored starting program of the terminal.
The reliability identification module 33 is configured to identify a current reliability value of the start program of the terminal according to the reference reliability value of the start program of the terminal.
And the switching control module 34 is configured to control the switching module to perform a switching operation among the central processing chip, the first memory chip, and the second memory chip of the terminal according to the identification result of the current confidence value.
In the apparatus for controlling a terminal trusted control module in the embodiment of the present invention, the switching control module 34 further includes:
The first control submodule is used for controlling the switching module to switch to the central processing chip and controlling the terminal to stop the reset operation if the current reliability value is greater than or equal to the reference reliability value;
the second control submodule is used for controlling the terminal to execute the starting operation by using the starting program read from the first storage chip.
In the apparatus for controlling a terminal trusted control module in the embodiment of the present invention, the switching control module 34 further includes:
The third control submodule is used for controlling the switching module to switch from the first storage chip to the second storage chip if the current reliability value is smaller than the reference reliability value;
the reading control module is used for reading the starting program backed up by the second storage chip and controlling the terminal to stop the reset operation;
the fourth control submodule is used for controlling the terminal to execute the starting operation by using the starting program read from the second storage chip.
In the apparatus for controlling a terminal trusted control module in an embodiment of the present invention, the first control sub-module further includes:
The first control unit is used for controlling the switching module to switch to the first storage chip through the third communication interface, and for controlling the terminal to stop the reset operation through the first communication interface, if the current reliability value is greater than or equal to the reference reliability value.
In the apparatus for controlling a terminal trusted control module in an embodiment of the present invention, the second control sub-module further includes:
The second control unit is used for controlling the switching module to disconnect the third communication interface and to switch from the first storage chip to the second storage chip through the fourth communication interface.
The terminal trusted control module control device in the embodiment of the invention enables the terminal to access the first storage chip or the second storage chip through the switching module; the trusted control chip controls the terminal to access the first storage chip through the switching module and controls the terminal so that it cannot access the second storage chip, so that the trusted data stored in the second storage chip is prevented from being modified by external hardware and the security of the trusted data in the second storage chip is guaranteed. Meanwhile, switching between the first storage chip and the second storage chip to obtain the starting program of the terminal avoids the problem that the trusted data information becomes unsafe because the starting program data has been damaged externally.
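The boot-time decision the method and device describe, as an added simulation written for this page (not code from the patent or its applicants): the trusted control chip holds the CPU in reset, routes the switching module to the first storage chip, measures the starting program at the stored location and size, releases reset on the first chip only when the measurement matches the reference value, and otherwise falls back to the second chip. The page does not say how the reliability value is derived or compared, so the example assumes a SHA-256 digest of the starting program and treats a pass as equality with the reference; the chip names, flash layout and boot program bytes are constructed.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Switching-module interfaces (claims 2 and 3): 1 = CPU, 2 = trusted control
# chip, 3 = first storage chip, 4 = second storage chip. Names are constructed.
CPU, TRUSTED, CHIP1, CHIP2 = "cpu", "trusted_chip", "chip1", "chip2"


@dataclass
class Terminal:
    in_reset: bool = False
    booted_from: Optional[str] = None
    boot_program: Optional[bytes] = None


@dataclass
class TrustedControlChip:
    # Stores the reference reliability value, data size and storage location
    # of the starting program (claim 1) and drives the switching module.
    reference_value: bytes
    data_size: int
    storage_location: int
    chips: Dict[str, bytes]            # simulated flash contents of both chips
    route: Tuple[str, str] = (TRUSTED, CHIP1)  # switching module: (master, storage)

    def read_boot_program(self, chip: str) -> bytes:
        start = self.storage_location
        return self.chips[chip][start:start + self.data_size]

    def measure(self, program: bytes) -> bytes:
        # Assumption: the "current reliability value" is a SHA-256 digest of
        # the starting program; the page does not say how it is derived.
        return hashlib.sha256(program).digest()

    def power_on(self, terminal: Terminal) -> str:
        terminal.in_reset = True                          # hold the CPU in reset
        self.route = (TRUSTED, CHIP1)                     # interface 2 -> 3
        program = self.read_boot_program(CHIP1)
        if self.measure(program) == self.reference_value:
            self.route = (CPU, CHIP1)                     # interface 1 -> 3
            source = CHIP1
        else:                                             # primary image damaged
            self.route = (CPU, CHIP2)                     # interface 1 -> 4
            program = self.read_boot_program(CHIP2)       # backup copy
            source = CHIP2
        terminal.in_reset = False                         # release reset
        terminal.booted_from, terminal.boot_program = source, program
        return source


def build_demo(tamper_primary: bool) -> Tuple[str, Terminal]:
    # Constructed sample: the same starting program provisioned into both chips.
    boot = b"TERMINAL-BOOT-v1:" + bytes(range(64))
    location = 0x100
    image = bytearray(0x400)
    image[location:location + len(boot)] = boot
    chip1, chip2 = bytearray(image), bytes(image)
    if tamper_primary:
        chip1[location + 5] ^= 0xFF                       # corrupt one byte
    tcc = TrustedControlChip(hashlib.sha256(boot).digest(), len(boot), location,
                             {CHIP1: bytes(chip1), CHIP2: chip2})
    terminal = Terminal()
    return tcc.power_on(terminal), terminal
```

With an intact first chip the terminal boots from chip 1; with one corrupted byte in the primary image the same call releases reset on the backup copy instead.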
Based on the same concept, an embodiment of the present invention further provides an electronic device, as shown in fig. 4, the electronic device may include a processor 41, a memory 42, and a terminal trusted control module 43, where the processor 41, the memory 42, and the terminal trusted control module 43 may be connected by a bus or in another manner, and fig. 4 takes the connection by the bus as an example.
The processor 41 may be a Central Processing Unit (CPU). The processor 41 may also be another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or a combination thereof.
The memory 42, as a non-transitory computer-readable storage medium, may be used to store non-transitory software programs, non-transitory computer-executable programs, and modules. By running the non-transitory software programs, instructions and modules stored in the memory 42, the processor 41 executes various functional applications and performs data processing, that is, implements the terminal trusted control module control method of the above method embodiment.
The memory 42 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor 41, and the like. Further, the memory 42 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 42 may optionally include memory located remotely from processor 41, which may be connected to processor 41 via a network. Examples of such networks include, but are not limited to, the power grid, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 42, and when executed by the processor 41, perform the terminal trusted control module control method in the embodiment shown in the drawings.
The details of the electronic device may be understood by referring to the corresponding related descriptions and effects in the embodiments shown in the drawings, and are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a flash memory, a Hard Disk Drive (HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kinds described above.
It should be understood that the above examples are only for clarity of illustration and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description; the embodiments described are neither required nor exhaustive of all embodiments, and obvious variations or modifications therefrom are within the scope of the invention.

Claims (11)

1. A terminal trusted control module, arranged on the terminal and comprising: a trusted control chip, a switching module, a first storage chip and a second storage chip which are respectively arranged on a control panel of the terminal;
the trusted control chip is connected with a central processing chip of a terminal arranged on the control panel, and is used for storing a reference credibility value, a data size value and a storage position of a starting program of the terminal and executing switching operation among the central processing chip of the terminal, the first storage chip and the second storage chip through a switching module;
the first storage chip is connected with the trusted control chip through the switching module and is used for storing a starting program for starting the terminal;
and the second storage chip is connected with the trusted control chip through the switching module and is used for backing up the starting program of the terminal.
2. The terminal trusted control module according to claim 1, further comprising: and the first communication interface, the second communication interface, the third communication interface and the fourth communication interface are respectively connected with the switching module.
3. The terminal trusted control module according to claim 2, wherein the first communication interface is connected to the central processing chip of the terminal, the second communication interface is connected to the trusted control chip, the third communication interface is connected to the first memory chip, and the fourth communication interface is connected to the second memory chip.
4. A terminal trusted control module control method for a terminal trusted control module according to any one of claims 1 to 3, comprising the steps of:
responding to the power-on of a central processing chip of a terminal, and controlling the central processing chip to execute reset operation;
controlling the switching module to switch to a first storage chip and reading a starting program of the terminal stored by the first storage chip;
identifying a current reliability value of a starting program of a terminal according to a reference reliability value of the starting program of the terminal;
and controlling the switching module to execute switching operation among a central processing chip, the first storage chip and the second storage chip of the terminal according to the identification result of the current credibility value.
5. The method according to claim 4, wherein the step of controlling the switching module to perform a switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the identification result of the current reliability value further comprises:
if the current reliability value is larger than or equal to the reference reliability value, controlling the switching module to switch to a central processing chip and controlling the terminal to stop resetting operation;
and controlling the terminal to execute the starting operation by using the starting program read from the first storage chip.
6. The method according to claim 4, wherein the step of controlling the switching module to perform a switching operation among the central processing chip, the first memory chip and the second memory chip of the terminal according to the identification result of the current reliability value further comprises:
if the current reliability is smaller than the reference reliability value, controlling the switching module to switch from the first storage chip to a second storage chip;
reading the starting program backed up by the second storage chip and controlling the terminal to stop the reset operation;
and controlling the terminal to execute the starting operation by using the starting program read from the second storage chip.
7. The method according to claim 5, wherein the step of controlling the switching module to switch to the first memory chip and controlling the terminal to stop the reset operation if the current reliability value is greater than or equal to the reference reliability value further comprises:
and if the current reliability value is greater than or equal to the reference reliability value, controlling the switching module to switch to the first storage chip through the third communication interface, and controlling the terminal to stop the reset operation through the first communication interface.
8. The method according to claim 6, wherein the step of controlling the switching module to switch from the first memory chip to the second memory chip if the current reliability is less than the reference reliability value further comprises:
and controlling the switching module to disconnect the third communication interface and switch from the first storage chip to the second storage chip through the fourth communication interface.
9. A terminal trusted control module control apparatus for the terminal trusted control module according to any one of claims 1 to 3, comprising:
the reset control module is used for responding to the electrification of a central processing chip of the terminal and controlling the central processing chip to execute reset operation;
the control reading module is used for controlling the switching module to switch to the first storage chip and reading the stored starting program of the terminal;
the reliability identification module is used for identifying the current reliability value of the starting program of the terminal according to the reference reliability value of the starting program of the terminal;
and the switching control module is used for controlling the switching module to execute switching operation among the central processing chip, the first storage chip and the second storage chip of the terminal according to the identification result of the current credibility value.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer instructions for causing the computer to execute the terminal trusted control module control method according to any one of claims 4 to 9.
11. An electronic device, comprising: the terminal trusted control module of any one of claims 1 to 3, a memory, and a processor, the terminal trusted control module, the memory, and the processor being communicatively coupled to each other, the memory having stored therein computer instructions, the processor being configured to execute the computer instructions to perform the terminal trusted control module control method of any one of claims 4 to 9.
CN202110859312.8A 2021-07-28 2021-07-28 Terminal trusted control module, control method and device and electronic equipment Pending CN113569302A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110859312.8A CN113569302A (en) 2021-07-28 2021-07-28 Terminal trusted control module, control method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN113569302A true CN113569302A (en) 2021-10-29

Family

ID=78168651

Country Status (1)

Country Link
CN (1) CN113569302A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114647500A (en) * 2022-05-23 2022-06-21 深圳市华曦达科技股份有限公司 Intelligent terminal start control method and device and USB equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109241745A (en) * 2018-08-28 2019-01-18 全球能源互联网研究院有限公司 A kind of credible starting method and device of computing platform
CN109840430A (en) * 2017-11-28 2019-06-04 中国科学院沈阳自动化研究所 The secure processing units and its bus arbitration method of PLC
CN110928499A (en) * 2019-11-18 2020-03-27 珠海泰芯半导体有限公司 Flash memory embedded in chip, chip and starting method of chip
CN111737700A (en) * 2020-06-18 2020-10-02 全球能源互联网研究院有限公司 Fusion system, method, device and equipment of trusted chip firmware
CN113127879A (en) * 2019-12-31 2021-07-16 杭州海康威视数字技术股份有限公司 Trusted firmware starting method, electronic equipment and readable storage medium


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination